[tor-bugs] #29552 [Core Tor/Tor]: memory leak: protover_contains_long_protocol_names in protover.c calls parse_protocol_list, but doesn't free smartlist returned (treats it as a boolean)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Feb 21 14:52:55 UTC 2019
#29552: memory leak: protover_contains_long_protocol_names in protover.c calls
parse_protocol_list, but doesn't free smartlist returned (treats it as a
boolean)
---------------------------+------------------------------
Reporter: drjohnson1984 | Owner: (none)
Type: defect | Status: closed
Priority: High | Milestone:
Component: Core Tor/Tor | Version: Tor: 0.3.3.7
Severity: Normal | Resolution: invalid
Keywords: memory-leak | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
---------------------------+------------------------------
Changes (by dgoulet):
* priority: Medium => High
* resolution: => invalid
* status: new => closed
* component: Core Tor => Core Tor/Tor
Comment:
Here is the function:
{{{
bool
protover_contains_long_protocol_names(const char *s)
{
smartlist_t *list = parse_protocol_list(s);
if (!list)
return true; /* yes, has a dangerous name */
SMARTLIST_FOREACH(list, proto_entry_t *, ent, proto_entry_free(ent));
smartlist_free(list);
return false; /* no, looks fine */
}
}}}
The `if (!list)` means `if (list == NULL)` so we are looking at it and we
only free it if non-NULL.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29552#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list